package com.aaa.interceptors;

import com.aaa.service.MenuService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.List;

/**
 * 权限校验拦截器
 */
@Component
public class PermitInterceptor implements HandlerInterceptor {
    @Autowired
    private MenuService menuService;
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //先获取用户当前访问的路径
        String servletpath=request.getServletPath();
        //判断当前用户能够访问这个路径
        //ck/toList rk/toList
        //把用户能操作的权限信息集合查询出来？能
        HttpSession session=request.getSession();
        List<String> permits=(List<String>) session.getAttribute("PERMITS");

        //去当前用户访问路径的/a部分/b部分 的a部分取出来
        String path=servletpath.split("/")[1];
        //判断在permits集合中如果没有path
        if (!permits.contains(path)){
            //跳转到权限不足的界面
            response.sendRedirect("/noPermit");
            return false;
        }
        System.out.println("做权限校验");
        return true;
    }
}
